General

  • Target

    gogis.bat

  • Size

    6.9MB

  • Sample

    240416-vt9jpshd9x

  • MD5

    a65e873839228c5b453d6effa5d14d16

  • SHA1

    40be429e0e6b41061f3291d10e720eaebf32eda1

  • SHA256

    59c388b975d290fa525ffefe5aaecb011219ebd3121a7e79e913d980fb7af951

  • SHA512

    84ec1da7d5f5fe236c7fbe960b69d99ae0b6d3fe83844cd2bf3128508d39ad1de35f17dcb101e06fb25b155a806885bb5d6d095fbf3e0a3c729c678fa200f850

  • SSDEEP

    24576:ClNzlllllllllllllllllllllllllllllllllllllllllllllllllllllllllllg:/

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

194.48.251.169:4449

Mutex

wmdekgrrot

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      gogis.bat

    Score
    10/10
    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

    • Blocklisted process makes network request
